<?php

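/**
 * Application-wide base controller.
 *
 * Publishes the logged-in user's session record to views and enforces the
 * login / per-group controller whitelist check for every controller that
 * extends it.
 *
 * NOTE(review): the access check is wired into afterFilter(), which CakePHP
 * invokes only after the requested action has already run. The redirect
 * therefore cannot stop side effects (database writes, deletes, e-mails) that
 * an unauthenticated or non-whitelisted request triggers inside the action.
 * Enforcing the check before the action runs (beforeFilter) is the robust
 * arrangement, but the login-submit and logout actions must then be exempted
 * explicitly; they live outside this file, so the wiring is left unchanged
 * here. Confirm against UsersController before moving it.
 */
class AppController extends Controller {

    /**
     * Require a logged-in user who is allowed to use the current controller.
     *
     * - No 'User' entry in the session: redirect to users/login_form.
     * - Group security_level below 9: the controller name must appear in the
     *   group's comma-separated 'whitelisted_controllers' list, otherwise the
     *   user is sent to users/logout.
     * - Group security_level 9 or above: no whitelist restriction.
     *
     * Does not return when access is denied (redirect followed by exit).
     */
    function authenticate() {
        if (!$this->Session->check('User')) {
            $this->redirect(array('controller' => 'users', 'action' => 'login_form'));
            exit(); // never fall through to the caller after a denied request
        }

        $user = $this->Session->read('User');

        if ($user['Group']['security_level'] < 9) {
            // Entries are matched exactly as stored: no trimming and no case
            // folding, so "Users, Posts" does not whitelist "Posts".
            $allowed = explode(",", $user['Group']['whitelisted_controllers']);

            // Strict comparison keeps PHP's loose numeric-string matching out
            // of an authorization decision.
            if (!in_array($this->name, $allowed, true)) {
                $this->redirect(array('controller' => 'users', 'action' => 'logout'));
                exit();
            }
        }
    }

    /**
     * Expose the session's 'User' record to the view as 'user' and through
     * the global $user variable when a user is logged in.
     *
     * This performs no access control; it only publishes the record.
     */
    function beforeFilter() {
        if ($this->Session->check('User')) {
            // The global is kept because code outside this file may read it.
            global $user;
            $user = $this->Session->read('User');
            $this->set('user', $user);
        }
    }

    /**
     * Run the access check for every action except 'login_form'.
     *
     * The exemption is keyed on the action name alone, so an action called
     * 'login_form' on any controller skips the check, not only the one on the
     * users controller.
     */
    function afterFilter() {
        if ($this->action !== 'login_form') {
            $this->authenticate();
        }
    }

}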

?>